const jwt = require('jsonwebtoken');

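/**
 * Issue a signed JWT for the username supplied in the request body.
 *
 * NOTE(review): no password or other credential is checked in this handler,
 * so the token only shows that the caller claimed this username. Anything
 * beyond a demo needs a credential check before the token is signed.
 *
 * @param {object} req - Request; reads `req.body.username`.
 * @param {object} res - Response; `status()` and `json()` are called on it.
 * @returns {Promise<void>}
 */
const login = async (req, res) => {
   // req.body is undefined when no body parser ran; treat that as "no username".
   const { username } = req.body || {};
   if (typeof username !== 'string' || username.trim() === '') {
      res.status(400).json({
         status: 'fail',
         msg: 'username is required',
      });
      return;
   }

   // jwt.sign throws when the key is missing. Answer with a generic 500
   // instead of letting the rejection escape the async handler.
   const secret = process.env.JWT_SECRET;
   if (!secret) {
      console.error('JWT_SECRET is not set; refusing to issue a token');
      res.status(500).json({
         status: 'error',
         msg: 'Server configuration error',
      });
      return;
   }

   // The payload is only encoded, not encrypted, so no sensitive data goes
   // into it; the username is enough.
   // getDate() is the day of the month (1-31): a demo value, not a unique user id.
   const id = new Date().getDate();
   // The token stays valid for 7 days; nothing in this file can revoke it earlier.
   const token = jwt.sign({ id, username }, secret, {
      expiresIn: '7d',
   });

   res.status(200).json({
      status: 'success',
      token,
   });
};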

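/**
 * Return the greeting and demo "secret" for the authenticated caller.
 *
 * Reads `req.user`, which this file never sets; presumably an upstream
 * token-verification middleware populates it (confirm against the router).
 * The handler fails closed with 401 when that context is absent, so a route
 * mounted without the middleware does not crash on `req.user.username`.
 *
 * @param {object} req - Request; reads `req.user.username` and `req.user.id`.
 * @param {object} res - Response; `status()` and `json()` are called on it.
 * @returns {Promise<void>}
 */
const getUserInfo = async (req, res) => {
   const user = req.user;
   if (!user) {
      res.status(401).json({
         msg: 'Authentication required',
      });
      return;
   }

   res.status(200).json({
      msg: `Hello, ${user.username}`,
      secret: `Here is your authorized data, your lucky number is ${user.id}`,
   });
};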

// Handlers exported for the router: `login` issues a token, `getUserInfo`
// reads the authenticated user from the request.
module.exports = {
   login: login,
   getUserInfo: getUserInfo,
};
